Taiwanese manufacturer and distributor of computer hardware GIGABYTE was a victim of the RansomEXX ransomware gang.

RansomEXX ransomware gang hit the Taiwanese manufacturer and distributor of computer hardware GIGABYTE and claims to have stolen 112GB of data.

At the time of this writing, the leak site of the RansomEXX gang dosn’t include the company name, but BleepingComputer has learned that the attack was conducted by this ransomware gang.

The attack took place on Tuesday night, in response to the infection the company shut down its systems to prevent the ransomware from spreading. The incident also affected multiple websites of the company, including its support site and portions of the Taiwanese website.

The company confirmed the security breach and launched an investigation into the incident with the help of external security experts.

“GIGABYTE, a major manufacturer of motherboards and graphics cards, confirmed that some servers were attacked by hackers today, and the security defense was activated as soon as possible. All affected internal services have resumed operation. Currently, production, sales and daily operations are not affected.” states the Chinese news site United Daily News.

“GIGABYTE released a major message stating that the information security team has cooperated with technical experts from a number of external information security companies to jointly handle this cyber attack on a small number of servers of GIGABYTE, and has notified the abnormal network conditions it has detected.”

The company also notified law enforcement.

BleepingComputer received a ransom note that includes a link to a non-public page containing instructions for Gigabytes to start negotiations. The page also allows the victims to test the decryption of a file encrypted by ransomware.

“We have downloaded 112 GB (120,971,743,713 bytes) of your files and we are ready to PUBLISH it.
Many of them are under NDA (Intel, AMD, American Megatrends).
Leak sources: newautobom.gigabyte.intra, git.ami.com.tw and some others.” reads the leak page viewed by BleepingComputer.

The data leak page also includes images of some documents stolen from the company. 

Recently the RansomEXX gang infected the systems at Italy’s Lazio region causing problems for the ongoing COVID19 vaccination campaign.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, RansomEXX)

The post RansomEXX ransomware hit computer manufacturer and distributor GIGABYTE appeared first on Security Affairs.

You May Also Like

BlackMatter Group Debuts Linux-Targeting Ransomware

VMware ESXi Servers Targeted by Crypto-Locking Malware, MalwareHunterTeam WarnsThe new BlackMatter Russian-speaking…

17 cyber insurance application questions you’ll need to answer

I recently had to renew the cyber insurance policy for the office…

Secrets and Lies: The Games Ransomware Attackers Play

Criminals Regularly Fib About Stealing Data, Sparing Hospitals and Much MoreA seemingly…

Israeli surveillance firm Candiru used Windows zero-days to deploy spyware

Experts said that Israeli surveillance firm Candiru, tracked as Sourgum, exploited zero-days…